Ransomware Tops List of Social Media Security Threats

With retail data breaches, long-hidden vulnerabilities in software being discovered, and the Sony hack’s spotlight on insider threats, the security risks involving social media have taken a backseat. In fact, I can’t remember the last time I thought much about social media-related threats over the past months.

However, an infographic released by the folks at PhishMe about social media security reminded me that we can’t forget about potential risk areas just because they aren’t in the news cycle. As the infographic points out, the vast majority of us are signed up with at least one social media account, while many visit multiple social media sites on a regular basis. Hackers know this, and thanks to improved social engineering, they are able to gain access to a lot of information from users.

Help Net Security posted a list of social media security risks that we need to think about in the coming year. The list isn’t too surprising. We should expect a rise in malvertising (I would think that is across the board, not just on social media; for example, my security software has gotten quite a workout lately because of malware embedded in Web ads), Trojans hidden in videos—particularly graphic and violent videos, and lots of scams based on user activities. But the one that tops the list is the increasing risk of ransomware on social media sites, especially on social media sites accessed via mobile platforms. When an employee falls victim to a ransomware scam, everything on that computer’s hard drive could be held for ransom. How much of a loss of production is at risk here, as well as the theft or loss of data?

"Ransomware victims will be in for a rude shock when they attempt to access their cloud storage to restore data—only to find their backups have also been encrypted by the ransomware," the experts said.

As I mentioned, ransomware is only one of a number of security threats happening via social media, albeit one that has an escalating risk factor. But it may be the starting point for discussions with any employee who uses social media through the company network—whether for personal or business use—on how cybercriminals find social media to be an easy access point to a gold mine of information.

Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba